Except where otherwise noted, this work is licensed under http://creativecommons.org/licences/by-nc-nd/3.0/

Executive summary
As cyberspace becomes an essential component of modern society, it brings new challenges to countries, which are still
bound by the borders of their national sovereignty. The very logic of cyberspace disregards these borders â&#x20AC;&#x201C; a myriad of
cybersecurity-related issues have to be addressed through cross-stakeholder, regional and international cooperation.
Countries of the Western Balkans are generally lagging behind in introducing and implementing national cybersecurity
legislation and strategic frameworks, and setting up national mechanisms for response to cyber-incidents. The importance of including all actors (the government, corporate, academic and civil society sectors) in cybersecurity-related
endeavours is not yet well understood throughout the region. Political awareness of the problem is weak, thus preventing
strengthening of the institutional capacities to recognise the risks and act upon them on a national as well as a regional
level, which in turn also inhibits regional cooperation.
The research report, Cybersecurity in the Western Balkans: Policy gaps and cooperation opportunities, aims to analyse policy-related gaps and map the existing institutional frameworks in the Western Balkans, in order to enhance regional cooperation and stimulate efficient investments in the region. The report offers a number of recommendations for the possible
next steps towards improving the state of play in Western Balkans countries and a more systematic regional approach by
international organisations.

The research report was drafted under the project â&#x20AC;&#x153;Cybersecurity Capacity Building and Research Programme for SouthEastern Europeâ&#x20AC;?, implemented by DiploFoundation in cooperation with the Geneva Centre for Democratic Control of the
Armed Forces (DCAF), and the support of the Swiss Federal Department of Foreign Affairs (FDFA). The research team was
selected from among several successful participants of the Cybersecurity Winter School for Western Balkans, held in 2014,
one of the activities organised within the framework of the above mentioned project, accompanied by two experts from
Diplo and DCAF. Qualitative research was conducted from February to May 2016.
This illustrated executive summary presents the key findings and main recommendations stemming from the research
report. For more information and specific examples on each finding and/or recommendation, a reference to the chapter
in the full report can be found next to the icon.
The full report is available at: www.diplomacy.edu/cybersecurity

1

Western Balkans

countries
have all embarked on the process
of rounding up their national cybersecurity frameworks pertaining to
legal, policy and educational matters. As the study showcases, this
process varies across the region
and often lacks the strategic efforts, political awareness and cooperation, efficient operational mechanisms, capacities and resources to
cope with the growing likelihood of a
cyber-attack taking place. Although
legal and strategic frameworks do
exist, their implementation remains
a challenge.

2

Some international organisations and donors

that have presence and are active
in the Western Balkans support
the above mentioned process,
without, however, a systematic regional approach. This sometimes
leads to overlapping activities,
thus duplicating the efforts made,
and therefore resulting in non-rational budget spending.

Regional cooperation

in
cybersecurity in the Western Balkans is under-developed, nonsystematic and primarily characterised by an ad-hoc approach.
The majority of regional organisations do not have cybersecurity as
their primary focus. tSome, however, manage to tackle it alongside
more pressing, mostly economyrelated, issues.

3

Cybersecurity environment in the Western Balkans

Status on the national level is assessed based
on the existence of key cybersecurity/information security elements: a proper cybersecurityrelated law, cybercrime law, and a cybersecurity
strategy; an established national CERT (n-CERT);
substantial public-private partnerships (PPP) and
cybersecurity-related education (especially multidisciplinary). In the table, the double line denotes
that (at least) the basics are in place, the single
line denotes that some early developments are
underway, while no line denotes there are no significant developments recorded. [Chapter 4.8]

Lack of cooperation between the
private and civil
sectors and lack of
understanding of
the importance of
this cooperation.

5

Marginal sustainLack of overall
able capacitycybersecurity
building or educa- culture.
tional programmes
in cybersecurity
policy, or their efficient use by the
governments.

6

International Organisations in the Western
Balkan countries
For international organisations (IOs) that have presence and
are active in the Western Balkans, the field of cybersecurity
is â&#x20AC;&#x153;policy-in-creationâ&#x20AC;?. They tackle some of the issues related
to cybersecurity (in line with the specific organisationâ&#x20AC;&#x2122;s priorities), frequently resulting in overlapping and duplicating efforts
made, thus leading to non-rational budget spending. There
is no regional approach to this issue. Instead, IOs deal with it
mostly on a country-by-country basis. However, there are multiple funding and support opportunities in the region (though
not exclusively for the region). Some programmes even require
countries in the region to pair with one another in order to be eligible, thus potentially fostering regional cooperation in cybersecurity. On the other hand, however, Western Balkan countries
either lack general awareness of these possibilities or lack the
resources to apply for available programmes. [Chapter 5]

7

8

Regional cooperation in cybersecurity
Regional cooperation in cybersecurity is under-developed, non-systematic and primarily characterised by an ad-hoc approach. Initiatives are
mainly fragmented and have no clear direction or grand vision, and as
such, they are predestined to make no real impact, and to die down due
to personnel changes and the drying out of available project funds. The
majority of existing regional institutions and initiatives in the Western Balkans scarcely tackle cybersecurity, and only alongside more pressing issues, failing to acknowledge this issue as a â&#x20AC;&#x153;Tier 1â&#x20AC;? level when it comes to
its potential impact on security.
On the other hand, many of these organisations are not set up to focus
directly on actual cooperation in the field, in the sense of developing policy
standards, facilitating the exchange of information or other forms of bilateral or regional cooperation in cybersecurity, and are thus incapable
of addressing the actual pressing issues in this field. Finally, a number of
regional organisations whose portfolio is suitable for dealing with cybersecurity are rather dormant in practice, without any activities and initiatives. When it does arise, regional cybersecurity cooperation mostly occurs between experts and professionals in specific areas. [Chapter 6]

9

Recommendations

10

11

Recommendations for improving the state of play
in the Western Balkans countries
[Chapter 8.1]

Raising awareness
and introducing a
strategic vision among
high-level decision makers,
about the political and socioeconomic importance of digital
technologies, especially of
cybersecurity.

12

4

Increasing institutional capacities
of all stakeholders within each
country in the region to implement
a cybersecurity normative and policy
frameworks, as well as cooperation
across sectors. Increasing operational
capacities of law enforcement
agencies (LEAs), n-CERTs and
govâ&#x20AC;&#x2018;CERTs.

5

6

Creating
multidisciplinary educational
programmes, building the
capacity of end-users/the general
population, developing excellence
and expertise in cybersecurity
research and increasing overall
cybersecurity culture.

Creating strong
ties of decision-makers
with the private, academic
and civil society sectors, through
meaningful and operational
public-private partnerships and
multistakeholder policy shaping.
Assisting these actors in jointly
applying for funds provided by
international organisations
and donors.

13

Recommendations for International Organisations
operating in the Western Balkans
[Chapter 8.2]

International organisations should use their
existing bodies in the Western Balkans to foster cooperation and the exchange of knowledge among stakeholders. This is particularly applicable to the EU, as it
has the greatest number of programmes and funds
available for the region as well as the strongest political leverage.

2

1

IOs should create new cybersecurity programmes and synergies specifically for the region, thus
supporting cybersecurity cooperation at the regional
level. The EU has only one cybersecurity programme
(iPROCEEDS) that encompasses the whole of the Western Balkans. This practice should spill over to cybersecurity issues other than cybercrime.

Country field offices of different IOs should work
together on cybersecurity issues. Some field offices (the
OSCE Mission to Serbia, the OSCE Mission to Skopje, the
UNDP Mission to Albania) have smaller projects where
different deficiencies are tackled on a national level. However, a regional approach would increase the outcomes of
these projects and allow for better communication and
knowledge exchange between similar institutions.

An exchange of best practices on drafting and implementing regulations, especially at decision-making levels, will help policy makers overcome the inertia that
prevents the implementation of the many already drafted policy documents. Good
experiences on setting up PPPs also need to be exchanged.

With limited resources available for education, it might be advantageous to enhance academic exchanges and initiate collaborative and sustainable multidisciplinary education programmes in the region.

Given the transnational nature of cybercrime, the need for efficient cooperation between
LEAs from the region in joint investigations is obvious. Specific joint training activities
might enhance their capacities. Regional organisations with successful footprints in the
field of police and judicial cooperation should provide the framework.

It is immensely important to place cybersecurity at the top of the regional political agenda. Such development would boost further activities and enable the drafting of a regional roadmap for cybersecurity, including the coordinated usage of international support
mechanisms. There are several organisations that have the potential to be used for this
purpose (SEECP, RCC etc.).

15

Creating a regional cybersecurity
centre of excellence
The innovative, yet highly efficient solution for enhancing regional cooperation would
be the creation of a new regional knowledge-based institution as a platform for shaping policies, developing technical knowledge and sharing best practices in the region.
The so-called Cybersecurity Centre of Excellence would work on several levels:
a) Technical – connecting regional CERTs in a joint effort of sharing information
about incidents and defending regional computer networks from attacks.
b) Policy – connecting stakeholders for creating best institutional and legislative solutions for the region, and exchanging best practices.
c) Capacity building – delivering tailor-made cybersecurity policy capacity
building programmes as well as advanced technical programmes, targeting
various stakeholders.
d) Public-private partnership – initiating a regional form of public-private partnership, such as regional awareness raising campaigns and mechanisms for
building cybersecurity competences.
[Chapter 8.3.2]

DiploFoundation is a leading global capacity development organisation in the field of Internet governance.
Diplo was established by the governments of Switzerland and Malta with the goal of providing low cost, effective courses
and training programmes in contemporary diplomacy and digital affairs, in particular for developing countries. Its main
thematic focuses are on Internet governance (IG), e-diplomacy, e-participation, and cybersecurity.
Diplo’s flagship publication ‘An Introduction to Internet governance’ is among the most widely used texts on IG, translated
into all the UN languages and several more. Its online and in situ IG courses and training programmes have gathered more
than 1500 alumni from 163 countries. Diplo also hosts the Geneva Internet Platform (GIP).
Diplo also provides customised courses and training both online and in situ.